Lucene search

[email protected]CVE-2011-1643

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-1643

2022-10-0316:15:08

CWE-200

[email protected]

web.nvd.nist.gov

cve-2011-1643

cisco

unified communications manager

cucm

callmanager

security vulnerability

ssl session

database

remote attack

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.0%

JSON

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833.

Affected configurations

NVD

Node

ciscounified_communications_managerMatch6.0

ciscounified_communications_managerMatch6.1\(1\)

ciscounified_communications_managerMatch6.1\(1a\)

ciscounified_communications_managerMatch6.1\(1b\)

ciscounified_communications_managerMatch6.1\(2\)

ciscounified_communications_managerMatch6.1\(2\)su1

ciscounified_communications_managerMatch6.1\(2\)su1a

ciscounified_communications_managerMatch6.1\(3\)

ciscounified_communications_managerMatch6.1\(3a\)

ciscounified_communications_managerMatch6.1\(3b\)

ciscounified_communications_managerMatch6.1\(3b\)su1

ciscounified_communications_managerMatch6.1\(4\)

ciscounified_communications_managerMatch6.1\(4\)su1

ciscounified_communications_managerMatch6.1\(4a\)

ciscounified_communications_managerMatch6.1\(4a\)su2

ciscounified_communications_managerMatch6.1\(5\)

ciscounified_communications_managerMatch6.1\(5\)su1

ciscounified_communications_managerMatch6.1\(5\)su2

ciscounified_communications_managerMatch7.0\(1\)su1

ciscounified_communications_managerMatch7.0\(1\)su1a

ciscounified_communications_managerMatch7.0\(2\)

ciscounified_communications_managerMatch7.0\(2a\)

ciscounified_communications_managerMatch7.0\(2a\)su1

ciscounified_communications_managerMatch7.0\(2a\)su2

ciscounified_communications_managerMatch7.1\(2a\)

ciscounified_communications_managerMatch7.1\(2a\)su1

ciscounified_communications_managerMatch7.1\(2b\)

ciscounified_communications_managerMatch7.1\(2b\)su1

ciscounified_communications_managerMatch7.1\(3\)

ciscounified_communications_managerMatch7.1\(3a\)

ciscounified_communications_managerMatch7.1\(3a\)su1

ciscounified_communications_managerMatch7.1\(3a\)su1a

ciscounified_communications_managerMatch7.1\(3b\)

ciscounified_communications_managerMatch7.1\(3b\)su1

ciscounified_communications_managerMatch7.1\(3b\)su2

ciscounified_communications_managerMatch7.1\(5\)

ciscounified_communications_managerMatch7.1\(5\)su1

ciscounified_communications_managerMatch7.1\(5\)su1a

ciscounified_communications_managerMatch7.1\(5a\)

ciscounified_communications_managerMatch7.1\(5b\)

ciscounified_communications_managerMatch7.1\(5b\)su1

ciscounified_communications_managerMatch7.1\(5b\)su1a

ciscounified_communications_managerMatch7.1\(5b\)su2

ciscounified_communications_managerMatch7.1\(5b\)su3

ciscounified_communications_managerMatch8.0

ciscounified_communications_managerMatch8.5

ciscounified_communications_managerMatch8.5\(1\)

ciscounified_communications_managerMatch8.5\(1\)su1

Node

ciscounified_presence_serverMatch6.0\(1\)

ciscounified_presence_serverMatch6.0\(2\)

ciscounified_presence_serverMatch6.0\(3\)

ciscounified_presence_serverMatch6.0\(4\)

ciscounified_presence_serverMatch6.0\(5\)

ciscounified_presence_serverMatch6.0\(6\)

ciscounified_presence_serverMatch6.0\(7\)

ciscounified_presence_serverMatch7.0\(1\)

ciscounified_presence_serverMatch7.0\(2\)

ciscounified_presence_serverMatch7.0\(3\)

ciscounified_presence_serverMatch7.0\(4\)

ciscounified_presence_serverMatch7.0\(5\)

ciscounified_presence_serverMatch7.0\(6\)

ciscounified_presence_serverMatch7.0\(7\)

ciscounified_presence_serverMatch7.0\(8\)

ciscounified_presence_serverMatch7.0\(9\)

ciscounified_presence_serverMatch8.0

ciscounified_presence_serverMatch8.5

ciscounified_presence_serverMatch8.5\(1\)

ciscounified_presence_serverMatch8.5\(2\)

ciscounified_presence_serverMatch8.5\(3\)

CPENameOperatorVersion
cisco:unified_communications_managercisco unified communications managereq6.0
cisco:unified_communications_managercisco unified communications managereq6.1\(1\)
cisco:unified_communications_managercisco unified communications managereq6.1\(1a\)
cisco:unified_communications_managercisco unified communications managereq6.1\(1b\)
cisco:unified_communications_managercisco unified communications managereq6.1\(2\)
cisco:unified_communications_managercisco unified communications managereq6.1\(2\)su1
cisco:unified_communications_managercisco unified communications managereq6.1\(2\)su1a
cisco:unified_communications_managercisco unified communications managereq6.1\(3\)
cisco:unified_communications_managercisco unified communications managereq6.1\(3a\)
cisco:unified_communications_managercisco unified communications managereq6.1\(3b\)

CPE	Name	Operator	Version
cisco:unified_communications_manager	cisco unified communications manager	eq	6.0
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(1\)
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(1a\)
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(1b\)
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(2\)
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(2\)su1
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(2\)su1a
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(3\)
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(3a\)
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(3b\)

Rows per page:

1-10 of 481

References

www.cisco.com/en/US/products/products_security_advisory09186a0080b8f532.shtml

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.0%

JSON

Related for CVE-2011-1643

securityvulns2 nvd1 cvelist1 prion1